package com.million.gulimall.gateway.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.reactive.CorsWebFilter;
import org.springframework.web.cors.reactive.UrlBasedCorsConfigurationSource;
import org.springframework.web.util.pattern.PathPatternParser;

/**
 * @Author: 吴俊杰
 * @Date: 2022/5/12  16:49
 */

@Configuration
public class CorsConfig {

    @Bean
    public CorsWebFilter corsFilter(){

        CorsConfiguration config = new CorsConfiguration();
        config.addAllowedMethod("*");
//        config.addAllowedOrigin("*");
        // 解决When allowCredentials is true, allowedOrigins cannot contain the special
        // value "*"since that cannot be set on the "Access-Control-Allow-Origin" response header.问题
        config.addAllowedOriginPattern("*");
        config.addAllowedHeader("*");
        config.setAllowCredentials(true); //让请求带cookie 跨域

        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(new PathPatternParser());
        source.registerCorsConfiguration("/**", config);

        return new CorsWebFilter(source);

    }
}
